Access Management Specialist - Controls and Remediation
other jobs eFinancial Careers
Added before 176 Days
- full-time
- Competitive salary
Job Description:
On behalf of Tesco Bank, AMS are now looking for an Access Management Specialist to work in their Access Assurance team based in Glasgow/Edinburgh.
There is flexibility around office attendance for candidates based further out (once/month for example). This is an initial contract up to October 2024. An extension is currently being sought for this contract length.
Tesco Bank prides itself on their range of simple and convenient retail banking and insurance products designed specifically to meet the needs of Tesco customers. They believe that every little help makes a big difference, and by putting the customer first and rewarding their loyalty, they are offering something they believe every bank should.
Job description - the role
Primarily you will be working from a work stack of improvement actions in the access space. You will be key to ensuring that Tesco Bank operate an effective control environment for their Identity & Access Cyber Security Controls.
The work will include specialist support for Access Management implementations within Technology to identify operationally where proportionate controls should be applied to reduce risk, improve security, and comply with Policy & Standards. This activity will span On-Premises, Cloud hosted/SaaS applications & infrastructure including the extension of existing Role Based Access models, entitlement certification processes and Privileged Credential Storage where gaps are identified.
Additionally, the role may include ensuring effective Access Management controls are in place within other areas of Technology through engagement with Projects that are delivering new or changed Technology.
The role presents the opportunity to interact with Business Application owners and their teams, Technology Platform teams & SMEs within Access Management/IT Security, Risk & Control.
Key Activities
* Engagement with Project Management/Oversight & Access/Security teams.
* Recommending Access Control Remediation/Implementation Activity.
* Tracking implementation of Access Controls on a per application basis.
* Ensuring Controls implementation will pass independent assurance tests.
Candidate Profile: Key accountabilities, skills & experience
* Knowledge of Access Management fundamentals (e.g. Role Based Access, concepts of Least Privilege/Toxic Combinations, Entitlement reviews etc. Levels of Privilege/Segregation of Duties etc.)
* Ability to confidently lead a privileged access review, engage with application SMEs and to report findings, recommendations and track these through to remediation.
* Ability to understand technology entitlements and assist teams in designing appropriate Role Based Access Models.
* Knowledge of wider Cyber Security Controls (Structure, Assessment etc.)
* Good communication and influencing skills.
* Previous of experience of working on Technology Infosec Access Management programmes within a regulated authority (financial services, healthcare, etc.).
Why Tesco Bank?
At Tesco Bank everyone is welcome, we value our people and diverse teams and believe the variety of backgrounds and experiences make us stronger in achieving our goals. It’s important to us that we make sure you’re supported by your team and colleague networks every day, celebrating when it matters and helping you to be the best version of yourself. The people make Tesco Bank, and we take pride in what we achieve together.
Next steps
If you are interested in applying for this position and meet the criteria outlined above, please click the link to apply and we will contact you with an update in due course.
Our client will only accept workers operating via an Umbrella or PAYE engagement model.
Please note that for the duration of this assignment you will be working as an external resource engaged by AMS.
There is flexibility around office attendance for candidates based further out (once/month for example). This is an initial contract up to October 2024. An extension is currently being sought for this contract length.
Tesco Bank prides itself on their range of simple and convenient retail banking and insurance products designed specifically to meet the needs of Tesco customers. They believe that every little help makes a big difference, and by putting the customer first and rewarding their loyalty, they are offering something they believe every bank should.
Job description - the role
Primarily you will be working from a work stack of improvement actions in the access space. You will be key to ensuring that Tesco Bank operate an effective control environment for their Identity & Access Cyber Security Controls.
The work will include specialist support for Access Management implementations within Technology to identify operationally where proportionate controls should be applied to reduce risk, improve security, and comply with Policy & Standards. This activity will span On-Premises, Cloud hosted/SaaS applications & infrastructure including the extension of existing Role Based Access models, entitlement certification processes and Privileged Credential Storage where gaps are identified.
Additionally, the role may include ensuring effective Access Management controls are in place within other areas of Technology through engagement with Projects that are delivering new or changed Technology.
The role presents the opportunity to interact with Business Application owners and their teams, Technology Platform teams & SMEs within Access Management/IT Security, Risk & Control.
Key Activities
* Engagement with Project Management/Oversight & Access/Security teams.
* Recommending Access Control Remediation/Implementation Activity.
* Tracking implementation of Access Controls on a per application basis.
* Ensuring Controls implementation will pass independent assurance tests.
Candidate Profile: Key accountabilities, skills & experience
* Knowledge of Access Management fundamentals (e.g. Role Based Access, concepts of Least Privilege/Toxic Combinations, Entitlement reviews etc. Levels of Privilege/Segregation of Duties etc.)
* Ability to confidently lead a privileged access review, engage with application SMEs and to report findings, recommendations and track these through to remediation.
* Ability to understand technology entitlements and assist teams in designing appropriate Role Based Access Models.
* Knowledge of wider Cyber Security Controls (Structure, Assessment etc.)
* Good communication and influencing skills.
* Previous of experience of working on Technology Infosec Access Management programmes within a regulated authority (financial services, healthcare, etc.).
Why Tesco Bank?
At Tesco Bank everyone is welcome, we value our people and diverse teams and believe the variety of backgrounds and experiences make us stronger in achieving our goals. It’s important to us that we make sure you’re supported by your team and colleague networks every day, celebrating when it matters and helping you to be the best version of yourself. The people make Tesco Bank, and we take pride in what we achieve together.
Next steps
If you are interested in applying for this position and meet the criteria outlined above, please click the link to apply and we will contact you with an update in due course.
Our client will only accept workers operating via an Umbrella or PAYE engagement model.
Please note that for the duration of this assignment you will be working as an external resource engaged by AMS.
Job number 1168674
metapel
Company Details:
eFinancial Careers
From simple beginnings in 1995, Talent has been on a journey to redefine the world of recruitment through creating the most empowering customer and ca...